stackoom
  简体   繁体   中英

Encode JSON in order to create it as secret with Python k8s Client

 原文  2022-09-07 08:01:35       python/ kubernetes

Question

I have a big yaml file that I want to store as a secret in my kubernetes cluster. The following command succeeds:

k create secret generic values --from-file=my-values.yaml

But in my code, I want to use the k8s python client. So I want to do something like this:

def make_k8s_client(kubeconig):
....

def create_secret(name, data, client_api):
    secret = client.V1Secret(
        api_version="v1",
        kind="Secret",
        metadata=client.V1ObjectMeta(name=name),
        data=data,
    )

    client_api.create_namespaced_secret(namespace="default",
                                              body=secret)

k8s_api = make_k8s_client("path-to-kubeconfig")

with open("path-to/my-values.yaml") as f:
    values = yaml.load(f)

If I pass the yaml like this:

create_secret("mysecret", values, k8s_api)

I get this error:

HTTP response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Secret in version \"v1\" cannot be handled as a Secret: v1.Secret.Data: decode base64: illegal base64 data at input byte 0, error found in #10 byte of ...|pe\": \"abc\", \"def|..., bigger context ...|{\"apiVersion\": \"v1\", \"data\": {\"k8sType\": \"abc\", \"secret\": \"mysecret\", \"type\": \"mytype","reason":"BadRequest","code":400}

If I pass the secret like this:

create_secret("mysecret", base64.urlsafe_b64encode(json.dumps(values).encode()).decode(), k8s_api)

I get this error:

HTTP response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Secret in version \"v1\" cannot be handled as a Secret: v1.Secret.Data: ReadMapCB: expect { or n, but found \", error found in #10 byte of ...| \"data\": \"eyJrOHNUeX|..., bigger context ...|{\"apiVersion\": \"v1\", \"data\": \"eyJrOHNUeXBlIjogImF3cyIsICJnYXJkZW5lclNlY3JldCI6IC|...","reason":"BadRequest","code":400}

How do I have to encode the json file in order to be able to pass it to the python k8s client?

1 answers

solution1
 1 ACCPTED  2022-09-07 10:12:31

Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here ( 1 ).

V1Secret(
    api_version="v1",
    kind="Secret",
    metadata=client.V1ObjectMeta(name=name),
    data={
    'my-values.yaml': base64.b64encode(json.dumps(values).encode()).decode("utf-8")
     },

How to create and use a Secret

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question k8s/python: How do I read a secret using the Kubernetes Python client? K8s Python Access Secret from inside Kubernetes K8S API access with client certificate using python client interact with API added by k8s operator using native k8s python client k8s volumesnapshot is created but it returns 409 error message in python k8s client How to delete a k8s deployment using k8s python client? Using kubectl rollout restart equivalent with k8s python client Can I take a volume snapshot with the k8s python client? Calling arbitrary k8s apis using the Python client Using kubectl run command equivalent with K8s Python client
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM